shopify
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- Data Exposure & Exfiltration (LOW): The skill documentation includes examples using fetch to connect to Shopify API domains (e.g., myshopify.com) which are not on the predefined whitelist. This is legitimate for the skill's function and no access to sensitive local files was detected.
- Indirect Prompt Injection (LOW): The skill defines patterns for fetching and processing store data (products, orders) that could contain malicious instructions. The provided code examples lack explicit boundary markers to isolate this untrusted content.
  - Ingestion points: GraphQL queries in SKILL.md and references/app-development.md for fetching store resources.
  - Boundary markers: No delimiters or isolation warnings are shown in the React or Liquid snippets.
  - Capability inventory: Use of fetch for API calls and shopify CLI for deployment operations.
  - Sanitization: Webhook signature verification is correctly implemented, but general data sanitization for the agent context is not shown.
- Security Best Practices (SAFE): The skill provides correct guidance for secure app development, including OAuth flow security, HMAC signature verification, and minimal scope requests.
Audit Metadata